Thus spake "José Luis Navarro Adam" <[EMAIL PROTECTED]> > As I know, AES was the encryptation algorithm selected by AES due to > best performance with dedicated hardware...
You mean Rijndael was the algorithm selected by NIST to be AES due to the best overall performance across a variety of implementations, including but not limited to dedicated hardware. > Actually, openssl recommends Blowfish (other AES finalist) because > its performance by software encryptation (as Linux is) is much better... To my knowledge, the OpenSSL Project doesn't recommend any particular cipher. Blowfish was not an AES candidate because it did not meet several of the requirements. Twofish was an adaptation that was considered, but its performance was worse and was very difficult to understand (and therefore to cryptoanalyze). While Bruce Schneier was unhappy his Twofish algorithm wasn't selected, he has publicly stated that Rijndael is a good choice. > Anyway, I have read taht it will do soon with AES. AES code has been in OpenSSL snapshots for quite a while. > Please, have a look at > > http://www.sans.org/rr/papers/20/1459.pdf > > This article from charlie Hosner of SANS Institute talks about this... That article is about OpenVPN, not OpenSSL, which is only mentioned twice in passing. And, for that matter, one of those mentions does show that OpenSSL has AES implemented already. S Stephen Sprunk "Stupid people surround themselves with smart CCIE #3723 people. Smart people surround themselves with K5SSS smart people who disagree with them." --Aaron Sorkin ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]